[Owasp-austin] Austin Security Professionals Happy Hour and other announcements

Josh Sokol josh.sokol at owasp.org
Tue Jan 15 16:32:57 UTC 2013


I'm told that in addition to Trusteer sponsoring our food and drinks, they
will also be giving away a brand new iPad at Thursday night's Austin
Security Professionals Happy Hour.  Be sure to bring your business card to
get entered in the drawing!  Odds of winning should be fantastic!

~josh


On Mon, Jan 14, 2013 at 2:45 PM, David Hughes <david.hughes at owasp.org>wrote:

>
> *
>  January Austin Security Professionals Happy Hour, Sponsored by Trusteer
> *
>
> Please RSVP so we will have an idea of how many to expect!
>
>
>
> *When: *Thursday, January 17th, from 5-7pm
>
> *Where:* Sherlocks Baker Street Pub and Grill at the corner of 183 and
> Burnett
>
> *What is it? *The Austin Security Professionals Happy Hour is a monthly
> gathering of information security professionals from the Austin area,
> jointly organized by OWASP and ISSA. It is a time to enjoy some drinks and
> food provided by our sponsors, and a good opportunity to get to know other
> InfoSec professionals. Come on down and hang out with a bunch of hackers
> and geeks!
>
> *RSVP: *http://jan2013infosechappyhour.eventbrite.com
>
> *
> Our Sponsor: Trusteer*
>
> Boston-based Trusteer is the leading provider of endpoint cybercrime
> prevention solutions that protect businesses against advanced threats and
> prevent data breaches. Hundreds of organizations and millions of end users
> rely on Trusteer to protect critical endpoint applications on computers and
> mobile devices from advanced malware and spear-phishing attacks. Trusteer’s
> Cybercrime Prevention Architecture combines multi-layer security software
> with real-time threat intelligence to stop emerging threats that are
> invisible to legacy security solutions. To learn more about Trusteer
> solutions and customer success visit  http://www.trusteer.com.
>   [image: Trusteer]
>
> *
> *
>
> *RSVP: *http://jan2013infosechappyhour.eventbrite.com*
> *
>
> *
> *
>
> *********************************
> *
>
> *
> *
>
> *
> January OWASP Chapter Meeting - "**Data events, or why security is
> cloudier than you think" - Wendy Nather
> *
>
> *
> *
>
> *When:* January 29th from 11:30a - 1:00p
>
> *Who:* Wendy Nather
>
> Wendy Nather is Research Director of the 451 Research Enterprise Security
> Practice. With over 20 years of IT experience, she built and managed the IT
> security program at the Texas Education Agency, where she directed
> multimillion-dollar initiatives for a statewide external user base of over
> 50,000. She also provided security guidance for the datacenter
> consolidation of 27 Texas state agencies.
>
> Wendy previously worked in various roles in the investment banking
> division of Swiss Bank Corp (now UBS). Based in Chicago, Zurich and London,
> she also served as the first IT Security Director for the EMEA region. She
> has spoken at various industry conferences in the US and abroad, and
> co-authored The Cloud Security Rules. She was also named one of Tripwire
> Inc.’s “Top 25 Influencers in Security.”
>
>
> *Topic:* Data events, or why security is cloudier than you think.
>
> *Abstract:* Data security doesn't involve just securing data at rest or
> in transit. It also needs to be secured in use ­ which means that at any
> point, the characteristics of the data can change. We call this situation a
> "data event," and it can mean that security requirements have to change as
> a result.
>
> This is not the same thing as logging event data; this is taking into
> account changes in the combination, use or business context surrounding
> specific data. For example, a press release is confidential and requires a
> certain set of security policies in the areas of access control, DLP, key
> management (if encryption is involved), and so on. But once the business
> event occurs, the press release suddenly becomes the opposite of
> confidential, and all the policies have to change immediately as a result.
>
> Data events can also occur when data elements are combined in particular
> ways so that they become covered by regulations. A query might produce a
> small enough sample size that it needs to be treated as protected
> information, or a doctor becomes a patient so that her name is now
> protected by HIPAA. Data events are often tied closely to the business
> context, and as such can mirror transactions and workflows.
>
> Data events are important because traditional security policies have been
> applied to the current container of the data: this database is confidential
> because some rows are confidential, or this Word document requires access
> control (but its content can be copied and pasted somewhere else).
> Container-centric security is too static for today's high-speed, big-data,
> cloud-based (pick as many buzzwords as you like) processing.
>
> This talk will describe the concept of data events, and will invite
> audience discussion on how security controls can be adapted to them.
>
>
> *Food:* Oh yeah, Taco Deli time! Please RSVP so we'll be sure to have
> enough for all! Only those who RSVP will be eligible for any
> drawings/giveaways that may take place!
>
>
> *Location:* National Instruments, 11500 N. Mopac.Building C
>
> *RSVP:* http://owaspjanuary.eventbrite.com/
>
> *************************************************
> *
>
> *OWASP Study Group*
>  We meet every Wednesday from 12:00p-1:00p at National Instruments
> Building A on the second floor in one of the large conference rooms. Paul
> Griffiths, our Vice President, has been guiding these meetings. We are
> still finishing up "Metasploit: the Penetration Tester's Guide" by Dave
> Kennedy.
>
>  It's a great networking opportunity and you just might learn something in
> the process and teach others as well!
>
> _______________________________________________
> Owasp-austin mailing list
> Owasp-austin at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-austin
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20130115/5efcfd5f/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 2567 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20130115/5efcfd5f/attachment.png>


More information about the Owasp-austin mailing list